Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Injecting Malicious Code Into HTML5-Based Apps

10.04.2014

Scanning 2D barcodes, finding free Wi-Fi access points, sending SMS messages, listening to music, and watching MP4 videos: these are very common activities that we do using our smartphones.

Can you imagine that simply doing these things can get your smarphones infected with "worms" that can not only steal personal information from your phone, but also infect your friends's phones.

Sound scary? It will not be long before worms like this spread among smartphones. What makes the attacks feasible is an emerging technology called HTML5-based app development, and it has been rapidly gaining popularity in the mobile industry.

When the adoption of this technology reaches certain threshold, attacks like this will become quite common, unless we do something to stop it. A recent Gartner report says that by 2016, fifty percent of the mobile apps will be using HTML5-based technologies.

What platforms are affected?

All major mobile systems will be affected, including Android, iOS, Blackberry, Windows Phone, etc., because they all support HTML5-based mobile apps.

A notorious problem of the HTML5-based technology is that malicious code can be easily injected into the program and get executed. That is why the Cross-Site Scripting (XSS) attack is still one of the most common attacks in the Web.

XSS attacks can only target at web applications through a single channel (i.e. the Internet), but with the adoption of the same technology in mobile devices, we have found out that a similar type of attack can not only be launched against mobile apps, it can attack from many channels, including 2D barcode, Wi-Fi scanning, Bluetooth pairing, MP3 songs, MP4 videos, SMS messages, NFC tags, Contact list, etc. As long as an HTML5-based app displays information obtained from outside or from anohter app, it may be a potential victim.

Chris Hittinger | EurekAlert!
Further information:
http://www.cis.syr.edu/~wedu/attack/

More articles from Information Technology:

nachricht Magnetic fields provide a new way to communicate wirelessly
01.09.2015 | University of California - San Diego

nachricht 'Magic' sphere for information transfer
24.08.2015 | Lomonosov Moscow State University

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: How wind sculpted Earth's largest dust deposit

China's Loess Plateau was formed by wind alternately depositing dust or removing dust over the last 2.6 million years, according to a new report from University of Arizona geoscientists. The study is the first to explain how the steep-fronted plateau formed.

China's Loess Plateau was formed by wind alternately depositing dust or removing dust over the last 2.6 million years, according to a new report from...

Im Focus: An engineered surface unsticks sticky water droplets

The leaves of the lotus flower, and other natural surfaces that repel water and dirt, have been the model for many types of engineered liquid-repelling surfaces. As slippery as these surfaces are, however, tiny water droplets still stick to them. Now, Penn State researchers have developed nano/micro-textured, highly slippery surfaces able to outperform these naturally inspired coatings, particularly when the water is a vapor or tiny droplets.

Enhancing the mobility of liquid droplets on rough surfaces could improve condensation heat transfer for power-plant heat exchangers, create more efficient...

Im Focus: Increasingly severe disturbances weaken world's temperate forests

Longer, more severe, and hotter droughts and a myriad of other threats, including diseases and more extensive and severe wildfires, are threatening to transform some of the world's temperate forests, a new study published in Science has found. Without informed management, some forests could convert to shrublands or grasslands within the coming decades.

"While we have been trying to manage for resilience of 20th century conditions, we realize now that we must prepare for transformations and attempt to ease...

Im Focus: OU astrophysicist and collaborators find supermassive black holes in quasar nearest Earth

A University of Oklahoma astrophysicist and his Chinese collaborator have found two supermassive black holes in Markarian 231, the nearest quasar to Earth, using observations from NASA's Hubble Space Telescope.

The discovery of two supermassive black holes--one larger one and a second, smaller one--are evidence of a binary black hole and suggests that supermassive...

Im Focus: What would a tsunami in the Mediterranean look like?

A team of European researchers have developed a model to simulate the impact of tsunamis generated by earthquakes and applied it to the Eastern Mediterranean. The results show how tsunami waves could hit and inundate coastal areas in southern Italy and Greece. The study is published today (27 August) in Ocean Science, an open access journal of the European Geosciences Union (EGU).

Though not as frequent as in the Pacific and Indian oceans, tsunamis also occur in the Mediterranean, mainly due to earthquakes generated when the African...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

Networking conference in Heidelberg for outstanding mathematicians and computer scientists

20.08.2015 | Event News

Scientists meet in Münster for the world’s largest Chitin und Chitosan Conference

20.08.2015 | Event News

Large agribusiness management strategies

19.08.2015 | Event News

 
Latest News

Tiny Drops of Early Universe 'Perfect' Fluid

02.09.2015 | Physics and Astronomy

Learning from Nature: Genomic database standard alleviates search for novel antibiotics

02.09.2015 | Life Sciences

International research project gets high level of funding

02.09.2015 | Awards Funding

VideoLinks
B2B-VideoLinks
More VideoLinks >>>